|
|
---
- name: Cilium | Ensure BFPFS mounted
mount:
fstype: bpf
path: /sys/fs/bpf
src: bpffs
state: mounted
- name: Cilium | Create Cilium certs directory
file:
dest: "{{ cilium_cert_dir }}"
state: directory
mode: 0750
owner: root
group: root
- name: Cilium | Link etcd certificates for cilium
file:
src: "{{ etcd_cert_dir }}/{{ item.s }}"
dest: "{{ cilium_cert_dir }}/{{ item.d }}"
state: hard
force: yes
with_items:
- {s: "{{ kube_etcd_cacert_file }}", d: "ca_cert.crt"}
- {s: "{{ kube_etcd_cert_file }}", d: "cert.crt"}
- {s: "{{ kube_etcd_key_file }}", d: "key.pem"}
- name: Cilium | Create Cilium node manifests
template:
src: "{{ item.file }}.j2"
dest: "{{ kube_config_dir }}/{{ item.file }}"
with_items:
- {name: cilium, file: cilium-config.yml, type: cm}
- {name: cilium, file: cilium-crb.yml, type: clusterrolebinding}
- {name: cilium, file: cilium-cr.yml, type: clusterrole}
- {name: cilium, file: cilium-ds.yml, type: ds}
- {name: cilium, file: cilium-deploy.yml, type: deploy}
- {name: cilium, file: cilium-sa.yml, type: sa}
register: cilium_node_manifests
when:
- inventory_hostname in groups['kube-master']
- name: Cilium | Enable portmap addon
template:
src: 000-cilium-portmap.conflist.j2
dest: /etc/cni/net.d/000-cilium-portmap.conflist
when: cilium_enable_portmap
|
